GCP Networking Flashcards
What is a service mesh?
A service mesh is a dedicated infrastructure layer that controls service-to-service communication between services or microservices using a proxy.
What is Istio?
Istio is an open source service mesh designed for extensibility and ease of use.
What is Anthos?
A fully managed service mesh based on Google’s implementation of Istio.
What services does a service mesh offer?
Security - through control of requests
Observability - collecting telemetry about the network
Connect - Manage connections (automatic retries, load balancing, traffic routing, etc.)
Control - who has access to what
How do service meshes work?
It pairs each service in an application with a network proxy (referred to as the data plane) and provides a set of management processes (the control plane).
Those network proxies intercept any requests to the service and process them.
The control plane controls the data plane’s behaviour and provides an API for developers to access the mesh.
What is Private Google Access?
A service that allows Compute Engine instances with internal IP addresses to connect to Google services as if they had an external IP.
What is Application Load Balancer?
The Application Load Balancer is a proxy-based Layer 7 load balancer that enables you to run and scale your services.
It distributes HTTP and HTTPS traffic to backends hosted on a variety of Google Cloud platforms—such as Compute Engine, Google Kubernetes Engine (GKE), Cloud Storage, and Cloud Run—as well as external backends connected over the internet or by using hybrid connectivity.
What is Cloud CDN?
Cloud CDN uses Google’s globally distributed edge points of presence to cache HTTP(S) load balanced content close to your users.
Source - https://cloud.google.com/terms/services
What is Cloud DNS?
Cloud DNS is a high performance, resilient, global, fully-managed DNS service that provides a RESTful API to publish and manage DNS records for your applications and services.
Source - https://cloud.google.com/terms/services
What is Cloud Firewall?
Cloud Firewall is a fully distributed, cloud-native firewall service that evaluates incoming and outgoing traffic on a network, according to user-defined firewall rules in the policy.
What is Cloud Load Balancing?
Cloud Load Balancing provides scaling, high availability, and traffic management for your internet-facing and private applications.
What is Traffic Director?
Traffic Director is Google’s control plane for service meshes. It allows you to manage traffic routing and load balancing, including advanced routing features like route matching by HTTP headers.
What is Private Services Access?
A VPC peering connection between a VPC and Google’s underlying VPC.
This allows you to connect to GCP services without exposing your VM resources via an external IP.
What is a VPC?
A Virtual Private Cloud (VPC) is a global virtualised network within Google Cloud that is functionally similar to a physical network.
It provides network functionality to Google Cloud services such as GKE, and is logically isolated from other VPCs in Google Cloud.
What is Shared VPC?
A service that allows you to share a VPC network across multiple projects within an organization.